class EmployeeController < ApplicationController
  before_filter :authorize

 # @current_employee = Employee.find_by_id(session[:employee_id])

def add_employee
  @title = "New Employee"

  @user = Employee.find_by_id(session[:employee_id])
  if not @user.is_manager
    if  (Integer(session[:employee_id]) != Integer(params[:id]))
      flash[:notice] = "You must be a manager to edit some one else's information"
      redirect_to :action=> "index"
    end
  end

    if param_posted?(:employee)
      @employee = Employee.new(params[:employee])
      if @employee.save 
        flash[:notice] = "Employee #{@employee.first_name} #{@employee.last_name} created!"
        redirect_to :controller => "employee", :action => "index"
      end
    end
  end

  def edit_employee
	@user = Employee.find_by_id(session[:employee_id])
	if not @user.is_manager
	    if  (Integer(session[:employee_id]) != Integer(params[:id]))
    		flash[:notice] = "You must be a manager to edit some one else's information"
    		redirect_to :action=> "index"
		end
	end

	@employee = Employee.find(params[:id])
    @title = "Editing #{@employee.first_name} #{@employee.last_name}"
    if param_posted?(:employee)
      if @employee.update_attributes(params[:employee])
        flash[:notice] = "Employee #{@employee.first_name} #{@emploee.last_name} updated"
        redirect_to :controller => "employee", :action => "index" 
      end
    end
  end

  def index
  	@employee = Employee.find_by_id(session[:employee_id])
  	session[:lols] = ["ass2mouf","lobstersauce","the island of jews"]
  end

  def delete_employee
  	if request.post?
		employee = Employee.find_by_id(params[:id])
		employee.destroy
		redirect_to :action => "list_employees"
  	end
  end

def list_employees
  @employee = Employee.find_by_id(session[:employee_id])

  if params[:search] == nil
      @employees = Employee.find(:all)
  else
      @employees = Employee.search params[:search]
  end
end

private
  def param_posted?(symbol)
    request.post? and params[symbol]
  end

end

